CVE-2017-17320

CWE-4153 documents3 sources
Severity
7.8HIGH
EPSS
0.1%
top 70.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei Technologies Co., Ltd. Mate 9 PROHuawei Mate 9 PRO Firmware
Timeline
PublishedMar 20
Latest updateMay 14

Description

Huawei Mate 9 Pro smartphones with software of LON-AL00BC00B139D, LON-AL00BC00B229, LON-L29DC721B188 have a memory double free vulnerability. The system does not manage the memory properly, that frees on the same memory address twice. An attacker tricks the user who has root privilege to install a crafted application, successful exploit could result in malicious code execution.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

NVDhuawei/mate_9_pro_firmwarelon-al00bc00b139d, lon-al00bc00b229, lon-l29dc721b188+2
CVEListV5huawei_technologies_co.,_ltd./mate_9_proLON-AL00BC00B139D, LON-AL00BC00B229, LON-L29DC721B188

🔴Vulnerability Details

2
GHSA
GHSA-9w3x-5xrr-jfm6: Huawei Mate 9 Pro smartphones with software of LON-AL00BC00B139D, LON-AL00BC00B229, LON-L29DC721B188 have a memory double free vulnerability2022-05-14
CVEList
CVE-2017-17320: Huawei Mate 9 Pro smartphones with software of LON-AL00BC00B139D, LON-AL00BC00B229, LON-L29DC721B188 have a memory double free vulnerability2018-03-20
CVE-2017-17320 (HIGH CVSS 7.8) | Huawei Mate 9 Pro smartphones with | cvebase.io